The deal that is expected to close during the fiscal fourth quarter ending May 31, 2016.

Industry observers are weighing in on whether the merged companies will successfully build a strong culture of security.

"Heartland really took its breach to heart and was one of the best examples of how to learn from such an event and turn it into a leadership opportunity," says Al Pascual, director of fraud and security at Javelin Strategy & Research. "I give the CEO [Bob Carr] a lot of credit for that. Global Payments was quite the opposite, with one of the least transparent breach events in the payments industry. I'm hoping the security culture of Heartland becomes the dominant one."

But Tom Wills, managing director of payments security consultancy Secure Strategies, says it could be difficult for the new company created through the merger to improve security.

"Bigger doesn't mean more secure at all, though in this case I expect that a high priority will be put on security, with the merged companies both having been breached," he says. "Practically speaking, integrating security programs from two companies this size is a lengthy and complex process. So if we see better security, overall, it will be down the road a year or two; not right away."

And in January 2009, Heartland revealed the discovery of a data breach that compromised some 130 million credit and debit cards, setting the benchmark for payments cybercrime. Heartland's breach cost approximately $150 million to remediate, says Carr, the company's chairman and CEO.

Risks During Merger

Some observers warn the companies will face a higher risk of hacker attacks in the months leading up to the completion of the deal.

"There are always challenges integrating two substantial organizations and their processing systems," says Mike Urban, an independent financial fraud and payments expert. "Since both organizations process high-value data and have gone through the painful process of breach response and remediation, one would expect a thoughtful and secure integration. Heartland, in particular, has been at the forefront of card payment data security innovations. But a very real risk is criminals attempting to socially engineer their clients through phishing and other channels during the transition."

Ben Knieff, a financial fraud and security analyst at consultancy Aite, says hackers often target companies that are in the midst of a merger. "There are a lot of challenges on the IT and security side, and the criminals know this," he says. "They leverage mergers and acquisitions as a time of chaos they can take advantage of to exploit any and every weakness of both firms. They will be probing and looking for even more holes as the integration unfolds."

Building a Bigger Processor

If approved by Heartland's shareholders and regulators, the merged company will serve nearly 2.5 million merchants globally and have more than $3 billion in adjusted net annual revenue, Global Payments says.

Global Payments had about 2.9 percent of the global transactions processing market in 2014, while Heartland had about 2.1 percent, Bloomberg Business reports.

The merger will help accelerate revenue growth, Global Payments says, by leveraging Heartland's expertise in technology solutions and product and sales capabilities through direct distribution in the 29 countries where Global Payments currently does business.

Opportunities to cross-sell Heartland's point-of-sale, payroll, loyalty and gift solutions into Global Payments' core U.S. and international markets will be augmented by deeper penetration into key Heartland vertical markets, including restaurants and education, Global Payments says.

"This partnership with Heartland marks a major milestone for our company, significantly enhancing our direct presence in our largest market and transforming Global Payments into the leading provider of integrated payments technology solutions in the world," Jeffrey S. Sloan, Global Payments' CEO, notes in a statement.

"I believe the combination of our companies will become the most valuable payments company on the planet," Carr says in a statement. "In the U.S., Heartland will continue to operate under its brand and under its business model."

About the Author

A veteran journalist with more than 18 years' experience, Kitten has covered the financial sector for the last 11 years. Before joining Information Security Media Group in 2010, where she now serves as the Executive Editor of BankInfoSecurity and CUInfoSecurity, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;